|
@@ -117,17 +117,80 @@ public class LoginController {
|
|
|
//update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
|
//update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
|
|
return result;
|
|
return result;
|
|
|
}
|
|
}
|
|
|
-
|
|
|
|
|
- @RequestMapping(value = "/loginFirst", method = RequestMethod.GET)
|
|
|
|
|
- public Result<?> login(){
|
|
|
|
|
|
|
+ /**
|
|
|
|
|
+ * 首页用户重置密码
|
|
|
|
|
+ */
|
|
|
|
|
+ //@RequiresRoles({"admin"})
|
|
|
|
|
+ @RequestMapping(value = "/updatePassword", method = RequestMethod.PUT)
|
|
|
|
|
+ public Result<?> updatePassword(@RequestBody Map <String,String>map,HttpServletRequest request) {
|
|
|
|
|
+ String username = map.get("username");
|
|
|
|
|
+ String oldpassword = map.get("oldpassword");
|
|
|
|
|
+ String password = map.get("password");
|
|
|
|
|
+ String confirmpassword = map.get("confirmpassword");
|
|
|
|
|
+ LoginUser sysUser = (LoginUser)SecurityUtils.getSubject().getPrincipal();
|
|
|
|
|
+ if(!sysUser.getUsername().equals(username)){
|
|
|
|
|
+ return Result.error("只允许修改自己的密码!");
|
|
|
|
|
+ }
|
|
|
|
|
+ SysUser user = this.sysUserService.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUsername, username));
|
|
|
|
|
+ if(user==null) {
|
|
|
|
|
+ return Result.error("用户不存在!");
|
|
|
|
|
+ }
|
|
|
|
|
+ //update-begin---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
|
|
|
|
+ LoginUser loginUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
|
|
|
|
+ baseCommonService.addLog("修改密码,username: " +loginUser.getUsername() ,CommonConstant.LOG_TYPE_2, 2);
|
|
|
|
|
+ //update-end---author:wangshuai ---date:20220316 for:[VUEN-234]修改密码添加敏感日志------------
|
|
|
|
|
+ Result<?> result = sysUserService.resetPassword(username, oldpassword, password, confirmpassword);
|
|
|
|
|
+ //退出登录
|
|
|
|
|
+ if (result.getCode()==200){
|
|
|
|
|
+ logout( request);
|
|
|
|
|
+ }
|
|
|
|
|
+ return result;
|
|
|
|
|
+ }
|
|
|
|
|
+ public Result<Object> logout(HttpServletRequest request) {
|
|
|
|
|
+ //用户退出逻辑
|
|
|
|
|
+ String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
|
|
|
|
+ if (oConvertUtils.isEmpty(token)) {
|
|
|
|
|
+ return Result.error("退出登录失败!");
|
|
|
|
|
+ }
|
|
|
|
|
+ String username = JwtUtil.getUsername(token);
|
|
|
|
|
+ LoginUser sysUser = sysBaseApi.getUserByName(username);
|
|
|
|
|
+ if (sysUser != null) {
|
|
|
|
|
+ //update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
|
|
+ baseCommonService.addLog("用户名: " + sysUser.getRealname() + ",退出成功!", CommonConstant.LOG_TYPE_1, null, sysUser);
|
|
|
|
|
+ //update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
|
|
+ log.info(" 用户名: " + sysUser.getRealname() + ",退出成功! ");
|
|
|
|
|
+ //清空用户登录Token缓存
|
|
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
|
|
|
|
|
+ //清空用户登录Shiro权限缓存
|
|
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
|
|
|
|
|
+ //清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
|
|
|
|
|
+ redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
|
|
|
|
|
+ //调用shiro的logout
|
|
|
|
|
+ SecurityUtils.getSubject().logout();
|
|
|
|
|
+ return Result.ok("退出登录成功!");
|
|
|
|
|
+ } else {
|
|
|
|
|
+ return Result.error("Token无效!");
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ @RequestMapping(value = "/loginFirst", method = RequestMethod.POST)
|
|
|
|
|
+ public Result<?> login(@RequestBody SysUser user){
|
|
|
LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
|
|
LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
|
|
|
-
|
|
|
|
|
- LoginUser sysUserOne = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
|
|
|
|
- queryWrapper.eq(SysUser::getUsername,sysUserOne.getUsername());
|
|
|
|
|
|
|
+ queryWrapper.eq(SysUser::getUsername,user.getUsername());
|
|
|
SysUser sysUser = sysUserService.getOne(queryWrapper);
|
|
SysUser sysUser = sysUserService.getOne(queryWrapper);
|
|
|
- if (sysUser.getUpdateTime()==null ){
|
|
|
|
|
|
|
+ String encryptNew = PasswordUtil.encrypt(user.getUsername(), user.getPassword(), sysUser.getSalt());
|
|
|
|
|
+ String encryptOld = PasswordUtil.encrypt(user.getUsername(), "tncBeiqu.123", sysUser.getSalt());
|
|
|
|
|
+ if (encryptNew.equals(encryptOld) ){
|
|
|
return Result.error("首次登录 请先修改密码...");
|
|
return Result.error("首次登录 请先修改密码...");
|
|
|
|
|
+ }else {
|
|
|
|
|
+ // 计算毫秒数差值
|
|
|
|
|
+ long diffInMilliseconds = Math.abs(new Date().getTime() - sysUser.getUpdateTime().getTime());
|
|
|
|
|
+ // 将毫秒数转换为天数
|
|
|
|
|
+ long diffInDays = diffInMilliseconds / (24 * 60 * 60 * 1000);
|
|
|
|
|
+ if (diffInDays>30 ){
|
|
|
|
|
+ return Result.error("密码过期 请先修改密码...");
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
return Result.ok();
|
|
return Result.ok();
|
|
|
}
|
|
}
|
|
|
|
|
|